RubyGems - sqreen - Versions diffs - 1.18.6-java → 1.20.0-java - Mend

sqreen 1.18.6-java → 1.20.0-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (190) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +27 -0
data/lib/sqreen/actions.rb +2 -0
data/lib/sqreen/actions/actions_index.rb +16 -0
data/lib/sqreen/actions/base.rb +4 -10
data/lib/sqreen/actions/block_ip.rb +2 -0
data/lib/sqreen/actions/block_user.rb +2 -0
data/lib/sqreen/actions/ip_range_indexed_action_class.rb +4 -24
data/lib/sqreen/actions/ip_ranges_index.rb +32 -11
data/lib/sqreen/actions/redirect_ip.rb +2 -0
data/lib/sqreen/actions/redirect_user.rb +2 -0
data/lib/sqreen/actions/repository.rb +27 -8
data/lib/sqreen/actions/unknown_action_type.rb +4 -0
data/lib/sqreen/actions/user_action_class.rb +5 -30
data/lib/sqreen/actions/users_index.rb +35 -0
data/lib/sqreen/agent.rb +2 -1
data/lib/sqreen/aggregated_metric.rb +25 -0
data/lib/sqreen/attack_blocked.rb +2 -0
data/lib/sqreen/binding_accessor.rb +2 -0
data/lib/sqreen/binding_accessor/path_elem.rb +2 -0
data/lib/sqreen/binding_accessor/transforms.rb +8 -1
data/lib/sqreen/call_countable.rb +2 -0
data/lib/sqreen/capped_queue.rb +2 -0
data/lib/sqreen/cb.rb +2 -0
data/lib/sqreen/cb_tree.rb +2 -0
data/lib/sqreen/condition_evaluator.rb +2 -0
data/lib/sqreen/conditionable.rb +2 -0
data/lib/sqreen/configuration.rb +19 -1
data/lib/sqreen/context.rb +2 -0
data/lib/sqreen/default_cb.rb +2 -0
data/lib/sqreen/deferred_logger.rb +2 -0
data/lib/sqreen/deliveries.rb +2 -0
data/lib/sqreen/deliveries/batch.rb +6 -1
data/lib/sqreen/deliveries/simple.rb +6 -0
data/lib/sqreen/dependency.rb +3 -1
data/lib/sqreen/dependency/detector.rb +22 -14
data/lib/sqreen/dependency/libsqreen.rb +4 -0
data/lib/sqreen/dependency/new_relic.rb +2 -0
data/lib/sqreen/dependency/rack.rb +10 -5
data/lib/sqreen/dependency/rails.rb +4 -0
data/lib/sqreen/dependency/sentry.rb +2 -0
data/lib/sqreen/dependency/sinatra.rb +12 -1
data/lib/sqreen/encoding_sanitizer.rb +2 -0
data/lib/sqreen/error_handling_middleware.rb +2 -0
data/lib/sqreen/event.rb +9 -5
data/lib/sqreen/events/attack.rb +25 -18
data/lib/sqreen/events/remote_exception.rb +2 -22
data/lib/sqreen/events/request_record.rb +17 -70
data/lib/sqreen/exception.rb +2 -0
data/lib/sqreen/formatter_with_tid.rb +2 -0
data/lib/sqreen/framework_cb.rb +2 -0
data/lib/sqreen/frameworks.rb +2 -0
data/lib/sqreen/frameworks/generic.rb +2 -0
data/lib/sqreen/frameworks/rails.rb +1 -0
data/lib/sqreen/frameworks/rails3.rb +2 -0
data/lib/sqreen/frameworks/request_recorder.rb +15 -2
data/lib/sqreen/frameworks/sinatra.rb +2 -0
data/lib/sqreen/frameworks/sqreen_test.rb +2 -0
data/lib/sqreen/graft.rb +12 -0
data/lib/sqreen/graft/call.rb +150 -0
data/lib/sqreen/{dependency → graft}/callback.rb +12 -4
data/lib/sqreen/graft/hook.rb +316 -0
data/lib/sqreen/{dependency → graft}/hook_point.rb +152 -33
data/lib/sqreen/graft/hook_point_error.rb +10 -0
data/lib/sqreen/invalid_signature_exception.rb +2 -0
data/lib/sqreen/js.rb +2 -0
data/lib/sqreen/js/call_context.rb +2 -0
data/lib/sqreen/js/context_pool.rb +2 -0
data/lib/sqreen/js/exec_js_runnable.rb +2 -0
data/lib/sqreen/js/execjs_adapter.rb +2 -0
data/lib/sqreen/js/executable_js.rb +2 -0
data/lib/sqreen/js/js_service.rb +2 -0
data/lib/sqreen/js/js_service_adapter.rb +2 -0
data/lib/sqreen/js/mini_racer_adapter.rb +2 -0
data/lib/sqreen/js/mini_racer_executable_js.rb +2 -0
data/lib/sqreen/js/thread_local_exec_js_runnable.rb +2 -0
data/lib/sqreen/kit/signals/specialized/aggregated_metric.rb +72 -0
data/lib/sqreen/kit/signals/specialized/attack.rb +57 -0
data/lib/sqreen/kit/signals/specialized/binning_metric.rb +76 -0
data/lib/sqreen/kit/signals/specialized/http_trace.rb +26 -0
data/lib/sqreen/kit/signals/specialized/sdk_track_call.rb +50 -0
data/lib/sqreen/kit/signals/specialized/sqreen_exception.rb +57 -0
data/lib/sqreen/{backport.rb → legacy.rb} +3 -2
data/lib/sqreen/{instrumentation.rb → legacy/instrumentation.rb} +31 -2
data/lib/sqreen/legacy/old_event_submission_strategy.rb +221 -0
data/lib/sqreen/legacy/waf_redactions.rb +49 -0
data/lib/sqreen/log.rb +2 -0
data/lib/sqreen/log/loggable.rb +28 -0
data/lib/sqreen/logger.rb +2 -0
data/lib/sqreen/metrics.rb +2 -0
data/lib/sqreen/metrics/average.rb +2 -0
data/lib/sqreen/metrics/base.rb +5 -0
data/lib/sqreen/metrics/binning.rb +2 -0
data/lib/sqreen/metrics/collect.rb +2 -0
data/lib/sqreen/metrics/sum.rb +2 -0
data/lib/sqreen/metrics_store.rb +24 -12
data/lib/sqreen/metrics_store/already_registered_metric.rb +2 -0
data/lib/sqreen/metrics_store/unknown_metric.rb +2 -0
data/lib/sqreen/metrics_store/unregistered_metric.rb +2 -0
data/lib/sqreen/middleware.rb +2 -0
data/lib/sqreen/mono_time.rb +2 -0
data/lib/sqreen/node.rb +2 -0
data/lib/sqreen/not_implemented_yet.rb +2 -0
data/lib/sqreen/null_logger.rb +2 -0
data/lib/sqreen/payload_creator.rb +2 -0
data/lib/sqreen/payload_creator/header_section.rb +2 -0
data/lib/sqreen/performance_notifications.rb +2 -0
data/lib/sqreen/performance_notifications/binned_metrics.rb +10 -2
data/lib/sqreen/performance_notifications/log.rb +2 -0
data/lib/sqreen/performance_notifications/log_performance.rb +2 -0
data/lib/sqreen/performance_notifications/metrics.rb +2 -0
data/lib/sqreen/performance_notifications/newrelic.rb +2 -0
data/lib/sqreen/prefix.rb +2 -0
data/lib/sqreen/rails_middleware.rb +2 -0
data/lib/sqreen/remote_command.rb +2 -0
data/lib/sqreen/remote_command/failure_output.rb +5 -0
data/lib/sqreen/rules.rb +6 -2
data/lib/sqreen/rules/attrs.rb +2 -0
data/lib/sqreen/rules/auth_track_cb.rb +2 -0
data/lib/sqreen/rules/binding_accessor_matcher_cb.rb +2 -0
data/lib/sqreen/rules/binding_accessor_metrics.rb +2 -0
data/lib/sqreen/rules/blacklist_ips_cb.rb +2 -0
data/lib/sqreen/rules/count_http_codes.rb +2 -0
data/lib/sqreen/rules/crawler_user_agent_matches_cb.rb +2 -0
data/lib/sqreen/rules/crawler_user_agent_matches_metrics_cb.rb +2 -0
data/lib/sqreen/rules/custom_error_cb.rb +2 -0
data/lib/sqreen/rules/devise_auth_track_cb.rb +2 -0
data/lib/sqreen/rules/devise_signup_track_cb.rb +2 -0
data/lib/sqreen/rules/execjs_cb.rb +2 -0
data/lib/sqreen/rules/headers_insert_cb.rb +7 -0
data/lib/sqreen/rules/matcher_rule.rb +2 -0
data/lib/sqreen/rules/not_found_cb.rb +7 -0
data/lib/sqreen/rules/rails_parameters_cb.rb +2 -0
data/lib/sqreen/rules/record_request_context.rb +2 -0
data/lib/sqreen/rules/regexp_rule_cb.rb +2 -0
data/lib/sqreen/rules/rule_cb.rb +4 -0
data/lib/sqreen/rules/run_req_start_actions.rb +3 -1
data/lib/sqreen/rules/run_user_actions.rb +3 -1
data/lib/sqreen/rules/shell_env_cb.rb +2 -0
data/lib/sqreen/rules/signup_track_cb.rb +2 -0
data/lib/sqreen/rules/update_request_context.rb +2 -0
data/lib/sqreen/rules/url_matches_cb.rb +2 -0
data/lib/sqreen/rules/user_agent_matches_cb.rb +2 -0
data/lib/sqreen/rules/waf_cb.rb +41 -16
data/lib/sqreen/rules/xss_cb.rb +2 -0
data/lib/sqreen/run_when_called_cb.rb +2 -0
data/lib/sqreen/runner.rb +68 -12
data/lib/sqreen/runtime_infos.rb +2 -0
data/lib/sqreen/safe_json.rb +2 -0
data/lib/sqreen/sdk.rb +4 -0
data/lib/sqreen/sensitive_data_redactor.rb +21 -31
data/lib/sqreen/serializer.rb +2 -0
data/lib/sqreen/session.rb +41 -37
data/lib/sqreen/shared_storage.rb +2 -0
data/lib/sqreen/shared_storage23.rb +2 -0
data/lib/sqreen/shrink_wrap.rb +16 -0
data/lib/sqreen/signals/conversions.rb +283 -0
data/lib/sqreen/signals/http_trace_redaction.rb +111 -0
data/lib/sqreen/signals/signals_submission_strategy.rb +78 -0
data/lib/sqreen/signature_verifier.rb +2 -0
data/lib/sqreen/sinatra_middleware.rb +2 -0
data/lib/sqreen/sqreen_signed_verifier.rb +2 -0
data/lib/sqreen/token_invalid_exception.rb +2 -0
data/lib/sqreen/token_not_found_exception.rb +2 -0
data/lib/sqreen/trie.rb +2 -0
data/lib/sqreen/unauthorized.rb +2 -0
data/lib/sqreen/util.rb +5 -0
data/lib/sqreen/util/capped_array.rb +2 -0
data/lib/sqreen/util/capped_hash.rb +2 -0
data/lib/sqreen/util/capped_string.rb +2 -0
data/lib/sqreen/util/capper.rb +2 -0
data/lib/sqreen/version.rb +3 -1
data/lib/sqreen/waf_error.rb +2 -0
data/lib/sqreen/weave.rb +12 -0
data/lib/sqreen/weave/hardcoded.rb +19 -0
data/lib/sqreen/weave/instrumentor.rb +48 -0
data/lib/sqreen/weave/legacy.rb +12 -0
data/lib/sqreen/weave/legacy/instrumentation.rb +406 -0
data/lib/sqreen/web_server.rb +2 -0
data/lib/sqreen/web_server/generic.rb +2 -0
data/lib/sqreen/web_server/passenger.rb +2 -0
data/lib/sqreen/web_server/puma.rb +2 -0
data/lib/sqreen/web_server/rainbows.rb +2 -0
data/lib/sqreen/web_server/thin.rb +2 -0
data/lib/sqreen/web_server/unicorn.rb +2 -0
data/lib/sqreen/web_server/webrick.rb +2 -0
data/lib/sqreen/worker.rb +2 -0
metadata +65 -9
data/lib/sqreen/backport/original_name.rb +0 -86
data/lib/sqreen/dependency/hook.rb +0 -102

data/lib/sqreen/{instrumentation.rb → legacy/instrumentation.rb} RENAMED

@@ -1,6 +1,9 @@
+# typed: ignore
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html
+require 'sqreen/legacy'
 require 'sqreen/cb_tree'
 require 'sqreen/log'
 require 'sqreen/exception'
@@ -36,6 +39,8 @@ require 'set'
 # end
 module Sqreen
+module Legacy
   class Instrumentation
     OVERTIME_METRIC = 'request_overtime'.freeze
@@ -84,6 +89,7 @@ module Sqreen
             start = Sqreen.time
             res = cb.pre(instance, args, budget, &block)
             stop = Sqreen.time
+            Sqreen.log.debug { "ran pre cb #{cb} => #{res.inspect}" }
             # The first few pre callbacks could not have a request & hence a budget just yet so we try harder to find it
             budget = framework.remaining_perf_budget if framework && !budget && Sqreen.performance_budget
             if budget
@@ -139,6 +145,7 @@ module Sqreen
             start = Sqreen.time
             res = cb.post(return_val, instance, args, budget, &block)
             stop = Sqreen.time
+            Sqreen.log.debug { "ran post cb #{cb} => #{res.inspect}" }
             if budget
               budget -= (stop - start)
               cb.overtime! if budget <= 0.0
@@ -193,6 +200,7 @@ module Sqreen
             start = Sqreen.time
             res = cb.failing(exception, instance, args, budget, &block)
             stop = Sqreen.time
+            Sqreen.log.debug { "ran failing cb #{cb} => #{res.inspect}" }
             if budget
               budget -= (stop - start)
               cb.overtime! if budget <= 0.0
@@ -508,6 +516,7 @@ module Sqreen
       saved_meth_name
     end
+    ### bad idea anyway
     # WARNING We do not actually remove `meth`
     def unoverride_class_method(klass, meth)
       saved_meth_name = get_saved_method_name(meth)
@@ -526,6 +535,7 @@ module Sqreen
       end
     end
+    ### useless now
     if RUBY_VERSION < '1.9'
       def adjust_method_name(method)
         method.to_s
@@ -554,6 +564,8 @@ module Sqreen
       is_instance_method?(obj, method)
     end
+    ### is that actually used?
+    ### if so, do not attempt to alter frozen instances
     # Override a singleton method on an instance
     def override_singleton_method(instance, klass_name, meth)
       @@overriden_singleton_methods = true
@@ -647,8 +659,7 @@ module Sqreen
       already_overriden = @@overriden_methods.include? key
       unless already_overriden
-        Sqreen.log.debug "#{key} not overriden, returning"
-        return
+        Sqreen.log.debug "#{key} apparently not overridden"
       end
       defined_cbs = @@registered_callbacks.get(klass, method).flatten
@@ -674,6 +685,7 @@ module Sqreen
       elsif is_instance_method?(klass, method)
         unoverride_instance_method(klass, method)
       else
+        ### Module#prepend will take care of that
         # FIXME: Override define_method and other dynamic ways to
         # The following should be monitored to make sure we
         # don't forget dynamically added methods:
@@ -701,8 +713,13 @@ module Sqreen
     # @return [Array<Sqreen::CB>]
     def hardcoded_callbacks(framework)
       [
+        ### callback for performing sec responses based on ip
+        ### init redefined to implement smartass way to hook it upon the
+        ### framework's middleware #call
         Sqreen::Rules::RunReqStartActions.new(framework),
+        ### callback for performing sec responses based on user
         Sqreen::Rules::RunUserActions.new(Sqreen, :identify, 0),
+        ### callback for performing sec responses based on user
         Sqreen::Rules::RunUserActions.new(Sqreen, :auth_track, 1),
       ]
     end
@@ -711,6 +728,7 @@ module Sqreen
     # @param rules [Array<Hash>] Rules to instrument
     # @param framework [Sqreen::Frameworks::GenericFramework]
     def instrument!(rules, framework)
+      ### set up rule signature verifier
       verifier = nil
       if Sqreen.features['rules_signature'] &&
          Sqreen.config_get(:rules_verify_signature) == true &&
@@ -720,33 +738,44 @@ module Sqreen
         Sqreen.log.debug('Rules signature is not enabled')
       end
+      ### force clean instrumentation callback list
       remove_all_callbacks # Force cb tree to be empty before instrumenting
+      ### for each rule description, transform into format for adding callback
       rules.each do |rule|
         rcb = Sqreen::Rules.cb_from_rule(rule, self, metrics_engine, verifier)
         next unless rcb
+        ### attach framework to callback
         rcb.framework = framework
+        ### add callback
         add_callback(rcb)
       end
       # add hardcoded callbacks, observing priority
       hardcoded_callbacks(framework).each { |cb| add_callback(cb) }
+      ### globally declare instrumentation ready
+      ### from within instance method? not even thread local?
       Sqreen.instrumentation_ready = true
     end
     def initialize(metrics_engine = nil)
       self.metrics_engine = metrics_engine
       return if metrics_engine.nil?
+      ### init metric to count calls to sqreen
       metrics_engine.create_metric('name' => CallCountable::COUNT_CALLS,
                                    'period' => 60,
                                    'kind' => 'Sum')
+      ### init metric to count request whitelist matches (ip or path whitelist)
       metrics_engine.create_metric('name' => Sqreen::Rules::RecordRequestContext::WHITELISTED_METRIC,
                                    'period' => 60,
                                    'kind' => 'Sum')
+      ### init metric to count over budget hits
       metrics_engine.create_metric('name' => OVERTIME_METRIC,
                                    'period' => 60,
                                    'kind' => 'Sum')
     end
   end
 end
+end

data/lib/sqreen/legacy/old_event_submission_strategy.rb ADDED

@@ -0,0 +1,221 @@
+# typed: ignore
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.com/terms.html
+require 'sqreen/aggregated_metric'
+require 'sqreen/log/loggable'
+require 'sqreen/legacy/waf_redactions'
+module Sqreen
+  module Legacy
+    # see also Sqreen::Signals::SignalsSubmissionStrategy
+    # usage in Sqreen:Session
+    class OldEventSubmissionStrategy
+      include Sqreen::Log::Loggable
+      RETRY_MANY = 301
+      def initialize(post_proc)
+        @post_proc = post_proc
+      end
+      def post_metrics(metrics)
+        return if metrics.nil? || metrics.empty?
+        payload = { metrics: metrics.map { |m| EventToHash.convert_agg_metric(m) } }
+        post('metrics', payload, {}, RETRY_MANY)
+      end
+      # @param attack [Sqreen::Attack]
+      def post_attack(attack)
+        post('attack', EventToHash.convert_attack(attack), {}, RETRY_MANY)
+      end
+      # @param [Sqreen::RequestRecord] request_record
+      def post_request_record(request_record)
+        rr_hash = EventToHash.convert_request_record(request_record)
+        post('request_record', rr_hash, {}, RETRY_MANY)
+      end
+      # Post an exception to Sqreen for analysis
+      # @param exception [RemoteException] Exception and context to be sent over
+      def post_sqreen_exception(exception)
+        data = EventToHash.convert_exception(exception)
+        post('sqreen_exception', data, {}, 5)
+      rescue StandardError => e
+        logger.warn(format('Could not post exception (network down? %s) %s',
+                           e.inspect,
+                           exception.inspect))
+        nil
+      end
+      def post_batch(events)
+        batch = events.map do |event|
+          h = case event
+              when AggregatedMetric
+                logger.warn "Aggregated metric event in non-signal mode. Signals disabled at runtime?"
+                next
+              when Attack # in practice only found inside req rec
+                EventToHash.convert_attack event
+              when RemoteException
+                EventToHash.convert_exception event
+              when RequestRecord
+                EventToHash.convert_request_record event
+              else
+                logger.warn "Unexpected event type: #{event}"
+                next
+              end
+          h['event_type'] = event_kind(event)
+          h
+        end
+        Sqreen.log.debug do
+          tally = Hash[events.group_by(&:class).map { |k, v| [k, v.count] }]
+          "Doing batch with the following tally of event types: #{tally}"
+        end
+        post('batch', { batch: batch }, {}, RETRY_MANY)
+      end
+      private
+      # see +Sqreen::Session.post+
+      def post(*args)
+        @post_proc[*args]
+      end
+      def event_kind(event)
+        case event
+        when Sqreen::RemoteException then 'sqreen_exception'
+        when Sqreen::Attack then 'attack'
+        when Sqreen::RequestRecord then 'request_record'
+        end
+      end
+    end
+    module EventToHash
+      class << self
+        # @param attack [Sqreen::Attack]
+        def convert_attack(attack)
+          payload = attack.payload
+          res = {}
+          rule_p = payload['rule']
+          request_p = payload['request']
+          res[:rule_name]    = rule_p['name']         if rule_p && rule_p['name']
+          res[:rulespack_id] = rule_p['rulespack_id'] if rule_p && rule_p['rulespack_id']
+          res[:test]         = rule_p['test']         if rule_p && rule_p['test']
+          res[:infos]        = payload['infos']       if payload['infos']
+          res[:time]         = attack.time
+          res[:client_ip]    = request_p[:addr]       if request_p && request_p[:addr]
+          res[:request]      = request_p              if request_p
+          res[:params]       = payload['params']      if payload['params']
+          res[:context]      = payload['context']     if payload['context']
+          res[:headers]      = payload['headers']     if payload['headers']
+          res
+        end
+        # @param [Sqreen::RequestRecord] rr
+        def convert_request_record(rr)
+          res = { :version => '20171208' }
+          payload = rr.payload
+          if payload[:observed]
+            res[:observed] = payload[:observed].dup
+            rulespack = nil
+            if rr.observed[:attacks]
+              res[:observed][:attacks] = rr.observed[:attacks].map do |att|
+                natt = att.dup
+                [:attack_type, :block].each { |k| natt.delete(k) } # signals stuff
+                rulespack = natt.delete(:rulespack_id) || rulespack
+                natt
+              end
+            end
+            if rr.observed[:sqreen_exceptions]
+              res[:observed][:sqreen_exceptions] = rr.observed[:sqreen_exceptions].map do |exc|
+                nex = exc.dup
+                excp = nex.delete(:exception)
+                if excp
+                  nex[:message] = excp.message
+                  nex[:klass] = excp.class.name
+                end
+                rulespack = nex.delete(:rulespack_id) || rulespack
+                nex
+              end
+            end
+            res[:rulespack_id] = rulespack unless rulespack.nil?
+            if rr.observed[:observations]
+              res[:observed][:observations] = rr.observed[:observations].map do |cat, key, value, time|
+                { :category => cat, :key => key, :value => value, :time => time }
+              end
+            end
+            if rr.observed[:sdk] # rubocop:disable Style/IfUnlessModifier
+              res[:observed][:sdk] = rr.processed_sdk_calls
+            end
+          end
+          res[:local] = payload['local'] if payload['local']
+          if payload['request']
+            res[:request] = payload['request'].dup
+            res[:client_ip] = res[:request].delete(:client_ip) if res[:request][:client_ip]
+          else
+            res[:request] = {}
+          end
+          if payload['response']
+            res[:response] = payload['response'].dup
+          else
+            res[:response] = {}
+          end
+          res[:request][:parameters] = payload['params'] if payload['params']
+          res[:request][:headers] = payload['headers'] if payload['headers']
+          res = Sqreen::EncodingSanitizer.sanitize(res)
+          if rr.redactor
+            res[:request], redacted = rr.redactor.redact(res[:request])
+            redacted = redacted.uniq
+            if redacted.any? && res[:observed] && res[:observed][:attacks]
+              res[:observed][:attacks] = WafRedactions.redact_attacks!(res[:observed][:attacks], redacted)
+            end
+            if redacted.any? && res[:observed] && res[:observed][:sqreen_exceptions]
+              res[:observed][:sqreen_exceptions] = WafRedactions.redact_exceptions!(res[:observed][:sqreen_exceptions], redacted)
+            end
+          end
+          res
+        end
+        # @param exception_evt [Sqreen::RemoteException]
+        def convert_exception(exception_evt)
+          payload = exception_evt.payload
+          exception = payload['exception']
+          ev = {
+            :klass => exception.class.name,
+            :message => exception.message,
+            :params => payload['request_params'],
+            :time => payload['time'],
+            :infos => {
+              :client_ip => payload['client_ip'],
+            },
+            :request => payload['request_infos'],
+            :headers => payload['headers'],
+            :rule_name => payload['rule_name'],
+            :rulespack_id => payload['rulespack_id'],
+          }
+          ev[:infos].merge!(payload['infos']) if payload['infos']
+          return ev unless exception.backtrace
+          ev[:context] = { :backtrace => exception.backtrace.map(&:to_s) }
+          ev
+        end
+        # @param [Sqreen::AggregatedMetric] agg_metric
+        def convert_agg_metric(agg_metric)
+          {
+            name: agg_metric.name,
+            observation: agg_metric.data,
+            start: agg_metric.start,
+            finish: agg_metric.finish,
+          }
+        end
+      end
+    end
+  end
+end

data/lib/sqreen/legacy/waf_redactions.rb ADDED

@@ -0,0 +1,49 @@
+# typed: ignore
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.com/terms.html
+module Sqreen
+  module Legacy
+    module WafRedactions
+      class << self
+        def redact_attacks!(attacks, values)
+          return attacks if values.empty?
+          values = values.map { |v| v.downcase if v.is_a?(String) }
+          attacks.each do |e|
+            next(e) unless e[:infos]
+            next(e) unless e[:infos][:waf_data]
+            parsed = JSON.parse(e[:infos][:waf_data])
+            redacted = parsed.each do |w|
+              next unless (filters = w['filter'])
+              filters.each do |f|
+                next unless (v = f['resolved_value'])
+                next unless values.include?(v.downcase)
+                f['match_status'] = SensitiveDataRedactor::MASK
+                f['resolved_value'] = SensitiveDataRedactor::MASK
+              end
+            end
+            e[:infos][:waf_data] = JSON.dump(redacted)
+          end
+        end
+        # see https://github.com/sqreen/TechDoc/blob/master/content/specs/spec000022-waf-data-sanitization.md#changes-to-the-agents
+        def redact_exceptions!(exceptions, values)
+          return exceptions if values.empty?
+          exceptions.each do |e|
+            next(e) unless e[:infos]
+            next(e) unless e[:infos][:waf]
+            e[:infos][:waf].delete(:args)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/sqreen/log.rb CHANGED

@@ -1,3 +1,5 @@
+# typed: ignore
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html

data/lib/sqreen/log/loggable.rb ADDED

@@ -0,0 +1,28 @@
+# typed: false
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.com/terms.html
+require 'logger'
+module Sqreen; end
+module Sqreen::Log; end
+module Sqreen::Log::Loggable
+  def self.included(klass)
+    klass.extend(ClassMethods)
+  end
+  module ClassMethods
+    def logger
+      # TODO: use progname for qualified log messages
+      # TODO: qualified logger proxies for selectable levels per component
+      # @logger ||= ::Logger.new(STDOUT, progname: name, level: Logger::DEBUG)
+      Sqreen.log
+    end
+  end
+  def logger
+    @logger || self.class.logger
+  end
+end